Calling all Systems Center Users – You can Tell your Compliance Officer to speak SCOM to You

I was visiting a customer last week talking about how they use Tripwire Enterprise. The security and system administrator was by all standards at the top of her game. She and one other person had deployed over 100 Tripwire Enterprise agents in a couple of days and had meaningful reports for their security team in about three days. When I asked her what she liked about her implementation, she was gushing about how intuitive it was, the reports the team now uses as a preproduction push check and how she would never go back to doing it the old way. As they were a mostly Microsoft shop, I asked if anyone in the company used System Center Operations Manager. That’s my life, she said. She spends most of her day there and more importantly, the sysadmin team that is least responsive to her lives there.

I asked her, what if she could see up to date compliance status reports side by side with performance status every single day in System Center? What if, for any node in Microsoft System Center, you can see that performance was suddenly impacted right around the time a change was recently made by user ‘administrator’ and then drill into the changes? Here’s the best part – what if, once this change that puts your system into a vulnerable state is made, you receive an alert telling you it violated policy, tells you why it was important and then tells you how to fix it? Would you use it??? Something in her response tells me it would completely change the way they view compliance…